package pt.mauromad.guias.controller.admin;

import static pt.mauromad.guias.utils.transformation.Transformations.User2Dao;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.ui.Model;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import pt.mauromad.guias.bean.UserBean;
import pt.mauromad.guias.controller.BaseController;
import pt.mauromad.guias.dao.DomainDao;
import pt.mauromad.guias.dao.UserDao;
import pt.mauromad.guias.utils.form.Action;

public class AdminUserController extends BaseController {
	@PreAuthorize("hasAnyRole('ROLE_ADMIN')")
	@RequestMapping("/admin/user/{domain}/all")
	public final String all(Model model, @PathVariable DomainDao domain) {
		model.addAttribute("users", domain.getUsers());
		return "list/all-users";
	}

	@PreAuthorize("hasAnyRole('ROLE_ADMIN')")
	@RequestMapping(value = "/admin/user/{domain}/{username:[a-z0-9\\.]+}", method = RequestMethod.GET)
	public final String show(Model model, @PathVariable String username, @PathVariable DomainDao domain) {
		model.addAttribute("user", userService.get(domain, username));
		add(model, Action.createPost("manage"));
		return "user-form";
	}

	@PreAuthorize("hasAnyRole('ROLE_ADMIN')")
	@RequestMapping(value = "/admin/user/{domain}/{username:[a-z0-9\\.]+}", method = RequestMethod.POST, params = "action=manage")
	public final String manage(Model model, @PathVariable String username, @PathVariable DomainDao domain) {
		model.addAttribute("user", userService.get(domain, username));
		setEditable(model);
		if (isAdministrator())
			model.addAttribute("roleList", roleService.all());
		add(model, Action.createPost("manage.save"));
		return "user-form";
	}

	@PreAuthorize("hasAnyRole('ROLE_ADMIN')")
	@RequestMapping(value = "/admin/user/{domain}/{username:[a-z0-9\\.]+}", method = RequestMethod.POST, params = "action=manage.save")
	public final String manageSave(Model model, @Validated UserBean bean, @PathVariable String username, @PathVariable DomainDao domain) {
		UserDao user = userService.get(domain, username);

		user.setFirstName(bean.getFirstName());
		user.setLastName(bean.getLastName());
		user.setPassword(bean.getPassword());
		user.setRoles(bean.getRoles());

		userService.save(user);

		return redirect("/admin/user/%s/%s", domain, bean.getUsername());
	}

	@PreAuthorize("hasAnyRole('ROLE_ADMIN')")
	@RequestMapping(value = "/admin/user/{domain}/new", method = RequestMethod.GET)
	public final String newUser(Model model) {
		setEditable(model);
		add(model, Action.createPost("new.save"));
		return "user-form";
	}

	@PreAuthorize("hasAnyRole('ROLE_ADMIN')")
	@RequestMapping(value = "/admin/user/{domain}/new", method = RequestMethod.POST)
	public final String saveNewUser(Model model, @Validated UserBean user, @PathVariable DomainDao domain) {
		UserDao dao = User2Dao.get(user);
		dao.setDomain(domain);
		userService.save(dao);

		return redirect("/account/%s", domain);
	}
}
